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Before LEE E. BARRETT, HOWARD B. BLANKENSHIP, and 
JAMES R. HUGHES, Administrative Patent Judges. 

BLANKENSHIP, Administrative Patent Judge. 

DECISION ON APPEAL 

STATEMENT OF THE CASE 

This is an appeal under 35 U.S.C. § 134(a) from the Examiner's final 
rejection of claims 1-15 and 17-21, which are all the claims remaining in the 
application. We have jurisdiction under 35 U.S.C. § 6(b). 

We reverse, and enter a new ground of rejection against claims 1-10. 
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Representative Claim 



1 . A system comprising : 

a plurality of certificate authorities (CAs) in which each CA 
maintains and distributes digital certificates revoked by itself in the 
form of a certificate revocation list (CRL), and different CAs may use 
different CRL distribution mechanisms; 

multiple CRL retrieval agents configured to periodically 
retrieve CRLs at time intervals from different CAs using a plurality of 
CRL retrieval agents based on the CRL distribution mechanisms of 
CAs; 

a plurality of CRL databases for storing the consolidated CRLs 
from the multiple CRL retrieval agents and/or the replications of 
CRLs, the CRL databases storing at least one individually identifiable 
revoked digital certificate; and 

a CRL access user interface for providing a uniform set of 
Application Program Interfaces for users accessing the CRLs in the 
CRL database, said system enabling consolidation and access of the 
certificate revocation lists (CRLs) from the plurality of certificate 
authorities (CAs). 



Prior Art 



Curry 

Strellis 

Ng 



6,128,740 



6,304,882 Bl 
6,411,956 Bl 
6,442,689 Bl 
6,658,568 Bl 



Oct. 3, 2000 
Oct. 16, 2001 
Jun. 25, 2002 
Aug. 27, 2002 
Dec. 2, 2003 



Kocher 
Ginter 



2 



Appeal 2008-006166 
Application 09/754,813 

Vesna Hassler, X.500 andLDAP Security: a Comparative Overview, 
IEEE Network, Vol. 13, No. 6, pp. 54-64 (Nov/Dec. 1999) ("Hassler"). 

B. Kaliski, Privacy Enhancement for Internet Electronic Mail: Part 
IV: Key Certification and Related Services, RFC 1424, pp. 1-8 (Feb. 1993) 
("Kaliski"). 

Examiner's Rejections 

Claims 1, 4, 6, 7, 10, 11, 13-15, and 17-21 stand rejected under 35 
U.S.C. § 103(a) as being unpatentable over Kocher, Curry, and Ng. 

Claims 2, 8, and 12 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Kocher, Curry, Ng, and Ginter. 

Claim 3 stands rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Kocher, Curry, Ng, and Hassler. 

Claim 5 stands rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Kocher, Curry, Ng, and Kaliski. 

Claim 9 stands rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Kocher, Curry, Ng, Ginter, and Strellis. 

DISCUSSION 

The Standing Rejections 

Appellants argue independent claims 1, 11, and 18 in response to the 
§ 103(a) rejections. Appellants submit that each claim on appeal contains, 
or incorporates by limitation, a feature that is not found in the applied prior 
art. 

At the outset, we note that claim 1, as drafted, is indefinite. We set 
forth a new ground of rejection under 35 U.S.C. § 112, second paragraph, 
infra. For the sole purpose of comparing the claimed subject matter with the 



3 



Appeal 2008-006166 
Application 09/754,813 

prior art, and our review of the prior art rejections, we presume that claim 1 
requires multiple CRL (certificate revocation list) retrieval agents configured 
to periodically retrieve CRLs at time intervals from different CAs 
(certificate authorities) based on the CRL distribution mechanisms of CAs. 
Method claim 1 1 (first recited step) sets forth a limitation similar to that 
which we presume in claim 1, as does method claim 18 (first recited step). 

In the rejection of claim 1, the Examiner finds that Curry discloses 
multiple CRL retrieval agents configured to periodically retrieve CRLs at 
time intervals from different CAs using a plurality of CRL retrieval agents 
based on the CRL distribution mechanisms of CAs, referring to text at 
columns 2, 5, and 6 of the reference. Ans. 4. 

Curry at column 2, lines 26 through 41 discusses (with respect to the 
background of the invention) certification authority servers (managers) that 
collect their own revoked certificates and queue them to be published, on a 
periodic basis, with other existing revoked certificates. The reference, at 
column 5, lines 23 through 27, describes aspects of the Curry invention, 
whereby an on-demand publishing/queue "determinator" 34 (Fig. 2) receives 
revocation request data from a software application or a security officer. 
Curry at column 6, lines 33 through 38 refers to caching of CRL data on a 
client or network node, whereby the client or node periodically accesses a 
CRL repository 16 (Fig. 2). 

The seemingly relevant portion of the noted teachings of Curry relates 
to periodic updating of client caches with CRL data. Yet, the Examiner 
appears to refer to the certification authorities or managers as synonymous 
with the claimed "multiple retrieval agents." See Ans. 12 ("utilizing 
certification authorities or managers (i.e., multiple retrieval agents) . . . ."). 



4 



Appeal 2008-006166 
Application 09/754,813 

On the next page of the Answer, the Examiner appears to shift position and 
indicates that Curry's client or network nodes correspond to the claimed 
multiple retrieval agents. See id. at 13 ("the client or network node (i.e., 
CRL retrieval agents based on the CRL distribution mechanisms) 
periodically accesses the CRL retrieval repository 16 . . . ."). 

In any event, whether the "multiple retrieval agents" are deemed to be 
taught by the certification authorities or managers, or taught by the clients or 
network nodes that periodically access a repository to retrieve CRL data, we 
agree with Appellants that the Examiner has not shown that the references 
teach multiple CRL retrieval agents configured to periodically retrieve CRLs 
at time intervals from different CAs based on the CRL distribution 
mechanisms of CAs. As we have noted, the more relevant teaching in Curry 
appears to be the clients or network nodes that maintain local caches based 
on periodic retrieval of CRL data from a CA 12 (Fig. 2) that has been placed 
in a CRL repository 16. However, absent a convincing explanation from the 
Examiner, we are left to speculate how Curry might be deemed to teach the 
features attributed to the reference by the instant rejection. 

The Examiner bears the initial burden of establishing a prima facie 
case of obviousness. In re Oetiker, 977 F.2d 1443, 1445 (Fed. Cir. 1992). 
In a rejection on obviousness grounds, there must be some articulated 
reasoning with some rational underpinning to support the legal conclusion of 
obviousness. In re Kahn, 441 F.3d 977, 988 (Fed. Cir. 2006). We are 
unable to sustain the § 103(a) rejection of claim 1. 

The rejection of claim 11 (and claim 18) alleges that Kocher teaches 
creating a plurality of CRL retrieval agents, but that Curry teaches 
periodically retrieving CRLs at time intervals from different CAs using a 



5 



Appeal 2008-006166 
Application 09/754,813 

plurality of CRL retrieval agents based on the CRL distribution mechanisms 
of CAs. Ans. 6-8. The referenced portion of Curry, for the rejection of 
claims 11 and 18, appears to relate to the certification authorities or 
managers that we have discussed, and appears to have nothing to with 
retrieval agents that periodically retrieve CRLs at time intervals from 
different CAs based on the CRL distribution mechanisms of CAs. 

Because all of the standing rejections rely on the apparent deficiencies 
of Curry as applied against the claimed subject matter, we cannot sustain the 
§ 103(a) rejection of any claim on appeal. 

New Ground of Rejection - 35 U.S.C. § 112, Second Paragraph 

We reject claims 1-10 under 35 U.S.C. § 112, second paragraph, as 
being indefinite. 

Claims 2 through 10 depend from base claim 1. Claim 1 recites 
"multiple CRL retrieval agents configured to periodically retrieve CRLs at 
time intervals from different CAs using a plurality of CRL retrieval agents 
based on the CRL distribution mechanisms of CAs" (emphasis added). 

For our review of the § 103(a) rejections, we interpreted claim 1 as if 
the "using a plurality of CRL retrieval agents" was not present in the claim, 
consistent with corresponding recitations in claim 11 and claim 18. In 
Appellants' invention, however, multiple CRL retrieval agents do not use a 
plurality of CRL retrieval agents to periodically retrieve CRLs at time 
intervals from different CAs {see, e.g., App. Br. 3, Summary of Claimed 
Subject Matter and the referenced disclosure in the Specification).^ That is. 



^ The second occurrence of "retrieval agents" was introduced into claim 1 by 
an amendment submitted May 3, 2004. 
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in Appellants' invention the agents periodically retrieve CRLs from different 
CAs, rather than a plurality of CRL retrieval agents being used by multiple 
CRL retrieval agents to retrieve CRLs. 

We thus consider instant claim 1 to be misdescriptive of Appellants' 
invention, and thus indefinite under § 112, second paragraph. Moreover, 
even without consideration of Appellants' disclosed invention, the recitation 
of both "multiple CRL retrieval agents" and "a plurality of CRL retrieval 
agents" would leave one unable to determine whether a particular agent 
might make up part of the "multiple" and/or part of the "plurality." We 
therefore reject claims 1 through 10 under 35 U.S.C. § 112, second 
paragraph. 

DECISION 

The Examiner's rejections of claims 1-15 and 17-21 under 35 U.S.C. 
§ 103(a) are reversed. 

In a new ground of rejection, we reject claims 1-10 under 35 U.S.C. 
§ 112, second paragraph, as being indefinite. 

This decision contains a new ground of rejection pursuant to 37 
C.F.R. § 41.50(b) (2009). 37 C.F.R. § 41.50(b) provides "[a] new ground of 
rejection pursuant to this paragraph shall not be considered final for judicial 
review." 

37 C.F.R. § 41.50(b) also provides that the appellant, WITHIN TWO 
MONTHS FROM THE DATE OF THE DECISION, must exercise one of 
the following two options with respect to the new ground of rejection to 
avoid termination of the appeal as to the rejected claims: 
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(1) Reopen prosecution. Submit an appropriate amendment of 
the claims so rejected or new evidence relating to the claims so 
rejected, or both, and have the matter reconsidered by the examiner, in 
which event the proceeding will be remanded to the examiner. . . . 

(2) Request rehearing. Request that the proceeding be reheard 
under § 41.52 by the Board upon the same record. . . . 

No time period for taking any subsequent action in connection with 
this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. 
§ 41.50(f). 



REVERSED- 37 C.F.R. § 41.50(b) 



msc 
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